An electric power system is a network of electrical components used to supply, transmit and use electric power. An example of an electric power system is the network that supplies a region's homes and industry with power—for sizable regions, this power system is known as the grid and can be broadly divided into the generators that supply the power, the transmission system that carries the power from the generating centers to the load centers and the distribution system that feeds the power to nearby homes and industries. Smaller power systems are also found in industry, hospitals, commercial buildings and homes.
A power distribution system includes a variety of geographically-distributed power system devices (PSDs) forming the backbone of the power system. Oftentimes, a supervisory control and data acquisition (SCADA) system is employed, utilizing distribution components such as remote terminal units (RTUs), digital fault recorders (DFRs), intelligent electronic devices (IEDs), programmable logic controllers (PLCs), and the like.
Any of these PSDs can be configured to communicate with one or more other PSDs over a communication link, wired or wireless, such as over a wide area network (WAN) or a point-to-point or multi-hop radio frequency (RF) link, which may be in a licensed or unlicensed band, depending on system requirements and local regulations of the RF spectrum. Wired communications are conducted over a variety of media, for example, power lines, packet switched telephone networks (PSTN), T-carrier, fiber optics, etc., and may be sent over a network of interconnected devices such as the Internet or a private network. Radio communications are typically handled by two-way radio systems, which may be half-duplex (in which only one device from a communicating pair of devices transmits at a given time) or full-duplex (in which both devices of a communicating pair can transmit data concurrently to be received by the other device).
Whether wired or wireless, the communications between PSDs are susceptible to eavesdropping or tampering. Historically, communications between PSDs have been designed with emphasis primarily on reliability. Originally, system designers were less concerned about the possibility of unauthorized third persons listening in on power system management data, let alone purposefully interfering with those communications. Over time, it became apparent that power distribution systems can be susceptible to various threats, whether from mischief akin to simple vandalism, more sophisticated attacks from criminal groups seeking to interfere with power systems for any one of a variety of unlawful purposes, e.g., “hacktivism,” ransom extortions, etc., or even from hostile nations aiming to attack national infrastructure by wreaking havoc with essential services to homes and businesses. Accordingly, power system designers have looked for different approaches in an effort to provide enhanced security to radio communications between PSDs.
There are myriad known solutions for improving security of communications against intrusions such as eavesdropping, jamming, and manipulation of data by third parties. One well-known approach is the use of data encryption to obfuscate the information being communicated. Many encryption techniques are well known, such as symmetric-key techniques (e.g., stream ciphers, block ciphers, etc.) and asymmetric-key techniques (e.g., public key cryptography or digital signatures).
Conventional encryption techniques are susceptible to attacks in which an eavesdropper monitors ongoing communications for a sufficient period of time to discern characteristic patterns which can then be exploited to break the code. One solution to mitigate this susceptibility is the use of steganography, concealing the existence of a transmission from all but the sender and intended recipient of the message. Whereas cryptography protects the contents of a message, steganography is regarded as protecting both messages and communicating parties. Typically, the message is embedded within a seemingly unrelated cover message using an algorithm known only to the sender and recipient, thereby concealing the existence of the message.
Another related conventional cryptographic technique for concealing a message without the requirement for encryption is known as chaffing and winnowing. Chaffing is a process, performed by a sender, of burying the message to be transmitted within a stream of bogus data referred to as the chaff, generally by interleaving parts of the message with random data. This technique relies upon a message authentication code (MAC) computed under a secret key shared between the sender and recipient, which is needed to discern the message (i.e., to separate the wheat from the chaff). The MAC is used to identify the portions of the message within the stream of bogus data in a process termed winnowing, which is performed by the recipient of the message.
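The sender-side chaffing and recipient-side winnowing described above, as an added example written for this page (not code from the application): it assumes an HMAC-SHA256 tag under a pre-shared key, a fixed chunk size, and one random chaff packet per real chunk.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 digest size


def _tag(key: bytes, seq: int, data: bytes) -> bytes:
    # The MAC covers the sequence number so packets cannot be reordered.
    return hmac.new(key, seq.to_bytes(4, "big") + data, hashlib.sha256).digest()


def chaff(key: bytes, message: bytes, chunk: int = 4) -> list:
    """Sender: split the message into chunks, tag each with a valid MAC, and
    interleave a chaff packet (random bytes, random tag) of the same shape.
    Packets are (seq, data, tag) tuples; wheat/chaff order is randomised."""
    stream = []
    for seq, i in enumerate(range(0, len(message), chunk)):
        wheat = message[i:i + chunk]
        real = (seq, wheat, _tag(key, seq, wheat))
        bogus = (seq, secrets.token_bytes(len(wheat)), secrets.token_bytes(TAG_LEN))
        pair = [real, bogus] if secrets.randbelow(2) else [bogus, real]
        stream.extend(pair)
    return stream


def winnow(key: bytes, stream: list) -> bytes:
    """Recipient: keep only packets whose tag verifies under the shared key
    (constant-time compare) and reassemble them in sequence order.
    Without the key, every packet looks equally plausible and nothing survives."""
    kept = {}
    for seq, data, tag in stream:
        if hmac.compare_digest(_tag(key, seq, data), tag):
            kept[seq] = data
    return b"".join(kept[s] for s in sorted(kept))


if __name__ == "__main__":
    # Constructed sample values: a 32-byte pre-shared key and a short status report.
    shared_key = bytes(range(32))
    packets = chaff(shared_key, b"RTU-17 STATUS OK")
    print(len(packets), "packets on the wire")
    print(winnow(shared_key, packets))
```

Note that the chaff packets are never encrypted; an observer without the key sees only a stream of indistinguishable tagged packets.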
One problem with the above-identified techniques is exchanging keys, MACs, or other secret information between the sender and receiver in a secure way (i.e., avoiding an unsecure communication channel that might be eavesdropped on during the key exchange). These shared secrets are typically exchanged in an out-of-band communication. In this context, the term out-of-band refers to utilizing a separate channel, or an entirely different mode of communication that is different from the primary channels on which the message is communicated between the sender and recipient devices, and one that is preferably not susceptible to being eavesdropped on or interfered with.
Variations of the chaffing and winnowing technique have been proposed as a steganography method. For instance, in U.S. Pub. No. 2010/0033305, chaffing and winnowing without the use of a MAC is proposed for steganographic purposes. In this approach, “noise” is inserted into the communication channels with the data transmissions by the sender of the data, by one or more additional noise transmitters, or by the recipient. If the recipient is not the generator of the noise, data regarding the noise must be conveyed to the recipient over a secure or dedicated communication link; the recipient then uses the data regarding the noise to perform the winnowing. In another approach, the sender and recipient communicate the message over a pre-arranged sequence of channels (time, frequency, orthogonal codes). Still, in all of these cases, the recipient must obtain knowledge about the noise, which requires an out-of-band conveyance of that knowledge.
Specialized out-of-band communications are often impractical in power systems, where new PSDs may be added and expected to self-configure to work with an already deployed system of PSDs. A public key infrastructure with certificate authorities to support the use of digital signatures is oftentimes impractical in power systems, and PSDs may not have the processing or communication capacity to handle such encryption or protocols. Also, the use of asymmetric encryption, as in public key cryptosystems, and the use of Diffie-Hellman-type key exchange protocols require a high level of computing power which may not be available in already-deployed PSDs that are to be upgraded to support increased security.
A practical solution is therefore needed to support secure communications in power systems while avoiding some or all of the above-identified challenges.